CODEWITHSUNDEEP
apache.htaccessurlwebhttps
frostluke
frostluke

Reputation: 81

.htaccess file not redirecting http://www. to https://www

I have made a .htaccess file to redirect all website traffic to https://www..

This is my complete .htaccess file:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

The below redirects work exactly as expected:

http://example.com -> https://www.example.com
https://example.com -> https://www.example.com
https://www.example.com -> https://www.example.com

Except:

http://www.example.com -> http://www.example.com

As shown above, if you go to http://www. it doesn't redirect to the HTTPS version.

Can anyone help me understand why the other redirects are working fine, but that one is not?

Additional Notes: I have looked at a number of posts on StackOverflow, but most of their solutions end in redirect loop errors.

Upvotes: 5

Views: 2277

Answers (3)

Andy S
Andy S

Reputation: 1

After lots of issues with 123 Reg and redirecting all versions of pages to single relevant https page with Wordpress, this is what has worked for me across multiple sites now and has proven effective in terms of SEO. Hope it helps!

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Upvotes: 0

frostluke
frostluke

Reputation: 81

After contacting 123-Reg (my hosting provider), they submitted this solution, which works perfectly:

RewriteEngine on

RewriteCond %{HTTP_HOST} ^example.com [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301,NC]

RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Basically they have set the script to do two tasks: Change domain to WWW, if it isn't already, THEN change to HTTPS. Also, they used ENV:HTTPS, which is different to what was found in their documentation (ENV:SSL).

Glad to have to this sorted, and maybe this will help out others using 123-Reg Hosting.

Upvotes: 3

MrWhite
MrWhite

Reputation: 45829

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

As you have found, this won't redirect when requesting the canonical hostname (ie. www.example.com) regardless of whether it is HTTP or HTTPS.

You need to change this to something like:

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteRule (.*) https://www.example.com/$1 [R=301,L]

This will trigger a redirect to the canonical URL if HTTPS is "off" or it's not the canonical hostname.

...but most of their solutions end in redirect loop errors.

If you are behind a proxy (eg. CloudFlare) that is managing your SSL cert then this could still result in a redirect loop because the connection between you and the proxy might be HTTP, not HTTPS. This would mean that your server only serves content over HTTP, not HTTPS. If this is the case then there are additional headers that can be checked on the request (eg. X-Forwarded-Proto) or set a "page rule" in the case of CloudFlare (Flexible SSL - free service).

UPDATE#1: 123-Reg provide a help document regarding SSL. It seems they set an SSL environment variable when "the connection is SSL-secured". This would mean that you could potentially do something like the following instead:

RewriteCond %{ENV:SSL} ^$ [OR]
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteRule (.*) https://www.example.com/$1 [R=301,L]

This is, however, non-standard and "unique" to 123-Reg. (Aside: The PHP code suggestion in the 123-Reg linked document is not the recommended way to check the environment variable, as this would result in an E_NOTICE if the variable is not set!?)

You should also ensure your browser cache is cleared before testing.

UPDATE#2: To help with debugging... to find out what values are being returned, you could assign some Apache values to environment variables and check the values of these in your server-side script (eg. PHP?). For example:

RewriteCond %{HTTPS} (.*)
RewriteRule ^ - [E=APACHE_HTTPS:%1]

# You don't really need this, but for completeness...
RewriteCond %{ENV:SSL} (.*)
RewriteRule ^ - [E=APACHE_SSL:%1]

RewriteCond %{HTTP:X-Forwarded-Proto} (.*)
RewriteRule ^ - [E=APACHE_PROTO:%1]

Then check the environment variables APACHE_HTTPS, APACHE_SSL and APACHE_PROTO in your server-side script. (eg. in PHP, use the getenv() function.)

Upvotes: 1

Related Questions